Not sure if there was more in the OP's post, the remailer they're
using must have been blocked by Aioe, because it's not showing here.
"According to the ASCS, the main way the attackers have compromised
systems is via a piece of software used to manage web servers called
Telerik UI.
This vulnerability -- and the patch to fix it -- has been around
since 2019.
The ASCS also issued an advisory on this very vulnerability in just
March this year."
https://www.abc.net.au/news/2020-06-20/australian-departments-routinely-audited-for-cyber-readiness/12375050
So if the Australian Cyber Security Centre can be believed, it's not
so much to do with the NBN as specific government department servers
and their insecure software.
As for where the attack came from. China seems probable, but public
information on any "smoking guns" that actually reveal who performs
these attacks never seems to be made public, so one wonders if any
of them can genuinely be attributed to a particular government
hacking programme without reasonable doubt.
It's hard to imagine that state actors couldn't pull off almost any
attack via secret VPN servers located in other countries, so the idea
that you can study the attack itself and conclude where it came from
seems very odd to me. Unless there are spies "on the inside" at
least (the US probably has, but I doubt they'd tell our government
what they find out).
--
__ __
#_ < |\| |< _#